![[tokkee]](http://tokkee.org/images/avatar.png){kind=avatar}
index deaaa40f8b01d8313ebb4c1a36dfc13d5398da86..ceacd8a0054663385ce031ecaefcc661687d0420 100644 (file)
.B Generic options
.PP
-.B forceglobals
+.B forceGlobals
.I bool
.PP
The
-.I forceglobals
+.I forceGlobals
statement enables PHP security checks to force register_global settings to
be switched off.
.PP
-.B forcessl
+.B forceSSL
.I bool
.PP
The
-.I forceglobals
+.I forceSSL
statement enables PHP security checks to force encrypted access to the web
interface. GOsa will try to redirect to the same URL - just with https://.
.PP
-.B warnssl
+.B warnSSL
.I bool
.PP
The
-.I warnssl
+.I warnSSL
statement enables PHP security checks to detect non encrypted access to
the web interface. GOsa will display a warning in this case.
.PP
to be shown in the environment and system plugins.
.PP
-.B htaccess_auth
+.B htaccessAuthentication
.I bool
.PP
The
-.I htaccess_auth
+.I htaccessAuthentication
variable tells GOsa to use either htaccess authentication or LDAP authentication. This
can be used if you want to use i.e. kerberos to authenticate the users.
.PP
-.B gosa_si
+.B gosaSupportURI
.I URI
.PP
The
-.I gosa_si
+.I gosaSupportURI
defines the major gosa-si server host and the password for GOsa to connect to it.
can be used if you want to use i.e. kerberos to authenticate the users.
if your group plugin is slow.
.PP
-.B ie_png_workaround
+.B iePngWorkaround
.I bool
.PP
The
-.I ie_png_workaround
+.I iePngWorkaround
variable enables or disables a workaround for IE < 7 in order to display transparent
PNG files correctly. This drastically slows down browsing. Please use Firefox or Opera
instead.
.I ou=groups.
.PP
-.B winstations
+.B sambaMachineAccountRDN
.I string
.PP
This statement defines the location where GOsa looks for new samba workstations.
.PP
-.B ogroupou
+.B ogroupRDN
.I string
.PP
This statement defines the location where GOsa creates new object groups inside of defined
.I ou=groups.
.PP
-.B serverou
+.B serverRDN
.I string
.PP
This statement defines the location where GOsa creates new servers inside of defined
.I ou=servers.
.PP
-.B terminalou
+.B terminalRDN
.I string
.PP
This statement defines the location where GOsa creates new terminals inside of defined
.I ou=terminals.
.PP
-.B workstationou
+.B workstationRDN
.I string
.PP
This statement defines the location where GOsa creates new workstations inside of defined
.I ou=workstations.
.PP
-.B printerou
+.B printerRDN
.I string
.PP
This statement defines the location where GOsa creates new printers inside of defined
.I ou=printers.
.PP
-.B componentou
+.B componentRDN
.I string
.PP
This statement defines the location where GOsa creates new network components inside of defined
.I ou=components.
.PP
-.B phoneou
+.B phoneRDN
.I string
.PP
This statement defines the location where GOsa creates new phones inside of defined
.I ou=phones.
.PP
-.B conferenceou
+.B phoneConferenceRDN
.I string
.PP
This statement defines the location where GOsa creates new phone conferences inside of defined
.I ou=conferences.
.PP
-.B blocklistou
+.B faxBlocklistRDN
.I string
.PP
This statement defines the location where GOsa creates new fax blocklists inside of defined
.I ou=blocklists.
.PP
-.B incomingou
+.B systemIncomingRDN
.I string
.PP
This statement defines the location where GOsa looks for new systems to be joined to the LDAP.
.I ou=incoming.
.PP
-.B systemsou
+.B systemRDN
.I string
.PP
This statement defines the base location for servers, workstations, terminals, phones and
.I ou=systems.
.PP
-.B ldap_filter_nesting_limit
+.B ogroupRDN
+.I string
+.PP
+This statement defines the location where GOsa looks for object groups.
+Default is
+.I ou=groups.
+.PP
+
+.B aclRoleRDN
+.I string
+.PP
+This statement defines the location where GOsa stores ACL role definitions.
+Default is
+.I ou=aclroles.
+.PP
+
+.B phoneMacroRDN
+.I string
+.PP
+This statement defines the location where GOsa stores phone macros for use with the Asterisk
+phone server.
+Default is
+.I ou=macros,ou=asterisk,ou=configs,ou=systems.
+.PP
+
+.B faiBaseRDN
+.I string
+.PP
+This statement defines the location where GOsa looks for FAI settings.
+Default is
+.I ou=fai,ou=configs,ou=systems.
+.PP
+
+.B faiScriptRDN, faiHookRDN, faiTemplateRDN, faiVariableRDN, faiProfileRDN, faiPackageRDN, faiPartitionRDN
+.I string
+.PP
+These statement define the location where GOsa stores FAI classes. The complete base for the
+corresponding class is an additive of
+.B faiBaseRDN
+an and this value.
+.PP
+
+.B deviceRDN
+.I string
+.PP
+This statement defines the location where GOsa looks for devices.
+Default is
+.I ou=devices.
+.PP
+
+.B mimetypeRDN
+.I string
+.PP
+This statement defines the location where GOsa stores mime type definitions.
+Default is
+.I ou=mimetypes.
+.PP
+
+.B applicationRDN
+.I string
+.PP
+This statement defines the location where GOsa stores application definitions.
+Default is
+.I ou=apps.
+.PP
+
+.B ldapFilterNestingLimit
.I integer
.PP
The
-.I ldap_filter_nesting_limit
+.I ldapFilterNestingLimit
statement can be used to speed up group handling for groups with several hundreds of members.
The default behaviour is, that GOsa will resolv the memberUid values in a group to real names.
To achieve this, it writes a single filter to minimize searches. Some LDAP servers (namely
@@ -789,20 +855,20 @@ Sun DS) simply crash when the filter gets too big. You can set a member limit, w
stop to do these lookups.
.PP
-.B sizelimit
+.B ldapSizelimit
.I integer
.PP
The
-.I sizelimit
+.I ldapSizelimit
statement tells GOsa to retrieve the specified maximum number of results. The user will get
a warning, that not all entries were shown.
.PP
-.B recursive
+.B ldapFollowReferrals
.I bool
.PP
The
-.I recursive
+.I ldapFollowReferrals
statement tells GOsa to follow LDAP referrals.
.PP
.PP
.I adduser.conf
to avoid overlapping uidNumber values between local and LDAP based lookups. The uidNumberBase
can even be dynamic. Take a look at the
-.I nextIdHook
+.I baseIdHook
definition below.
.PP
.B Asterisk options
.PP
-.B ctihook
+.B ctiHook
.I path
.PP
The
-.I ctihook
+.I ctiHook
statement defines a script to be executed if someone clicks on a phone number
inside of the addressbook plugin. It gets called with two parameters:
.nf
-ctihook $source_number $destination_number
+ctiHook $source_number $destination_number
.fi
This script can be used to do automatted dialing from the addressbook.
.B Mail options
.PP
.B mailMethod
-.I cyrus/kolab/golab/sendmail
+.I Cyrus/SendmailCyrus/Kolab/Kolab22
.PP
The
.I mailMethod
with a possible mail server. Leave this undefined if your mail method does
not match the predefined ones.
-.I cyrus
+.I Cyrus
maintains accounts and sieve scripts in cyrus servers.
-.I kolab
+.I Kolab/Kolab22
is like cyrus, but lets the kolab daemon maintain the accounts.
-.I golab is like cyrus - just with kolab attributes.
-.I sendmail just disables everything which is IMAP dependent.
+.I SendmailCyrus is based on sendmail LDAP attributes.
.PP
.B cyrusUseSlashes
statement determines if GOsa should use "foo/bar" or "foo.bar" namespaces
in IMAP. Unix style is with slashes.
-.B additionalrestrictionfilters
+.B postfixRestrictionFilters
.I path
.PP
The
-.I additionalrestrictionfilters
+.I postfixRestrictionFilters
statement defines a file to include for the postfix module in order
to display user defined restriction filters.
-.B additionalprotocols
+.B postfixProtocols
.I path
.PP
The
-.I additionalprotocols
+.I postfixProtocols
statement defines a file to include for the postfix module in order
to display user defined protocols.
and
.I uid.
+.B imapTimeout
+.I Integer (default 10)
+.PP
+The
+.I imapTimeout
+statement sets the connection timeout for imap actions.
+
+.B mailFolderCreation
+Every mail method has its own way to create mail accounts like
+.I share/development
+or
+.I shared.development@example.com
+which is used to identify the accounts, set quotas or add acls.
+
+To override the methods default account creation syntax, you can set the
+.I mailFolderCreation
+option.
+
+.I Examples
+
+.nf
+ mailFolderCreation="%prefix%%cn%" => "shared.development"
+ mailFolderCreation="my-prefix.%cn%%domain%" => "my-prefix.development@example.com">
+.fi
+
+.I Placeholders
+
+.nf
+ %prefix% The methods default prefix. (Depends on cyrusUseSlashes=FALSE/TRUE)
+ %cn% The groups/users cn.
+ %uid% The users uid.
+ %mail% The objects mail attribute.
+ %domain% The domain part of the objects mail attribute.
+ %mailpart% The user address part of the mail address.
+ %uattrib% Depends on mailAttribute="uid/mail".
+.fi
+
+
+.B mailUserCreation
+This attribute allows to override the user account creation syntax, see
+the
+.I mailFolderCreation
+description for more details.
+
+.I Examples
+
+.nf
+ mailUserCreation="%prefix%%uid%" => "user.foobar"
+ mailUserCreation=my-prefix.%uid%%domain%" => "my-prefix.foobar@example.com"
+.fi
+
+
.B vacationTemplateDirectory
.I path
.PP
@@ -1081,11 +1198,11 @@ statement tells GOsa to track LDAP timing statistics to the syslog. This may
help to find indexing problems or bad search filters.
.PP
-.B ignore_acl
+.B ignoreAcl
.I dn
.PP
The
-.I ignore_acl
+.I ignoreAcl
value tells GOsa to ignore complete ACL sets for the given DN. Add your
DN here and you'll be able to restore accidently dropped ACLs.
.PP
DEBUG_CONFIG = 64
DEBUG_ACL = 128
+
+DEBUG_SI = 256
+
+DEBUG_MAIL = 512
.PP
You can define a set of referrals if you have several server to
connect to.
+.SH Settings for the environment plugin
+
+In order to make full use of the environment plugin, you may want
+to define the location where kiosk profiles will be stored on the
+servers harddisk.
+
+This is done by the
+.I kioskPath
+keyword defined within the
+.I environment
+class definition inside your gosa.conf.
+
+.B Example:
+
+.nf
+ <plugin acl="users/environment"
+ class="environment"
+ kioskPath="/var/spool/kiosk"/>
+.fi
+
+Make sure, that this path is writeable by GOsa.
+
+.SH Settings for the FAI plugin
+
+The FAI plugin can be used in a way that it generates branched or
+freezed releases inside your repository. Specifying the
+.I postcreate
+and
+.I postmodify
+keywords in the
+.I servrepository
+definition, calls the provided script as a hook when adding or
+removing branches. This script should do the rest inside of your
+repository.
+
+.B Example:
+
+.nf
+ <tab class="servrepository"
+ repositoryBranchHook="/opt/dak/bin/get_extra_repos"
+ postcreate="/opt/dak/bin/handle_repository '%lock_dn' '%lock_name' '%lock_type' />
+.fi
+
+.I %lock_dn
+keeps the base DN of the source branch,
+.I %lock_name
+the name of the new branch and
+.I %lock_type
+is either "freeze" or "branch".
+
+The
+.I repositoryBranchHook
+outputs additional releases, that are not retrieveable with the standard
+GOsa/FAI methods.
+
+If you have only one release, or want to define a default release to be shown
+by GOsa, define the
+.I defaultFaiRelease
+within the
+.I faiManagement
+class definition
+
+.SH Settings for the addressbook plugin
+
+The addressbook plugin can be configured to store the addressbook data on
+a special location. Use the
+.I addressbookBaseDN
+keyword within the
+.I addressbook
+class definition inside your gosa.conf to configure this location.
+
+Default:
+.I ou=addressbook.
+
+.SH Settings for system plugins
+For the
+.I workstationStartup
+and
+.I terminalStartup
+classes, you can define the
+.I systemKernelsHook
+keyword. It can load additional kernels that are not retrieveable by
+standard GOsa/FAI mechanisms.
+
+In order to make use of SNMP information, you can set the
+.I snmpCommunity
+in the
+.I terminfo
+class definition.
+
+To enable the burn CD image function, you can specify the
+.I systemIsoHook
+in the
+.I workgeneric
+class. You will get a CD symbol in the systems list - which calls
+the hook if pressed.
+
.SH AUTHOR
.B gosa.conf(5)
was written by Cajus Pollmeier for